Android Application Backdoor via Appium

schedule Jun 29th 02:00 - 02:45 PM place Kalinga Hall 2 people 99 Interested

Application Backdoor via Appium

There's a shift towards open-source mobile test automation tools happening today among developers and QAs. Whether it be Appium, Calabash or anything else: all are good, with some major limitations.

While a chosen tool may work well when you first start using it, things can quickly get out of hand with changing business requirements. We started using Calabash at Badoo when there was no Appium. Given the capability of Appium to drive the whole device, we started automation of new apps with Appium. However, we realized a powerful feature was missing in Appium for Android! : The ability to call Application code from automation code like Calabash Backdoors.

As Appium UiAutomator server is based on instrumentation, we modified it such that we could instrument our app under test. This gave us the power to access context of Application under test and invoke public methods of Activity using reflection APIs. We use these methods to setup app state, seed DB OR even enable/disable some client-side A/B tests. This makes our application more testable and our tests more predictable.

This talk is going to be about how I achieved the above solution and benefits of backdoors.

There will be a small demo and code!

 
8 favorite thumb_down thumb_up 4 comments visibility_off  Remove from Watchlist visibility  Add to Watchlist
 

Outline/Structure of the Demonstration

- Some tricky situations during mobile test automation

- Can test code talk to Application code?

- The concept of backdoors in automation. Let your app help!

- Live Demo of backdoors in Appium with a sample App

- How I patched Appium to achieve this. Explanation using code

- Instrumenting App under test with Appium

- Benefits of backdoors

- Being careful and avoiding pitfalls

Learning Outcome

Backdoors are a very useful way of invoking application code using automation code. Selenium supports it, Calabash supports it too. but Appium does not. In this talk, I will share how I patched Appium to put this support. This will help all automation engineers and will open up lots of possibilities like automation of impossible features, automation of analytics, mocking internal app state etc.

Target Audience

Mobile automation engineers

schedule Submitted 1 year ago

Public Feedback

comment Suggest improvements to the Speaker

  • Liked Srinivasan Sekar
    keyboard_arrow_down

    Srinivasan Sekar / Sai Krishna - Advanced Appium

    Srinivasan Sekar
    Srinivasan Sekar
    Lead Consultant
    Thoughtworks
    Sai Krishna
    Sai Krishna
    Lead Consultant
    Thoughtworks
    schedule 1 year ago
    Sold Out!
    480 Mins
    Workshop
    Intermediate

    At this workshop, you'll learn about advanced concepts in Appium. We will learn how to write a single script for Android, iOS and mobile web apps. Once our tests are established, we will work on framework design and report. We will also have a detailed look at how can we automate various mobile gestures using TouchActions and mobile endpoints in Appium and running distributed tests in parallel on various emulators and simulators.

  • Liked Ivan Krutov
    keyboard_arrow_down

    Ivan Krutov - Reliable. Scalable. Lightning fast. Running 1 000 000 Android tests with Selenoid.

    Ivan Krutov
    Ivan Krutov
    Developer
    Aerokube
    schedule 1 year ago
    Sold Out!
    45 Mins
    Talk
    Intermediate

    Mobile platforms nowadays give more than a half of the worldwide Internet traffic. Being the most widespread platform, Android is slightly more difficult to work with from test automation perspective than traditional desktop browser automation. Last autumn in Berlin I have shown Selenoid - an open-source Selenium protocol implementation that dramatically simplifies working with Selenium for desktop browsers. In this talk I would like to demostrate how it is possible to have the same experience on Android platform for mobile application and mobile web testing.

  • Liked Srinivasan Sekar
    keyboard_arrow_down

    Srinivasan Sekar / Sai Krishna - Code Once Test Anywhere: On Demand Private Appium Device Cloud using ATD

    45 Mins
    Case Study
    Beginner

    Mobile Test Automation is increasingly becoming very important. Almost all web applications are responsive these days and it's very important to test how the application works across devices. The same is true with the native application as well. At the same time, the number of devices and the custom OS versions on devices are also vast. This means that it's harder for a tester to manually run the automated tests over a list of devices to get device coverage and quicker results over every feature development.

    We came up with a solution of executing tests in distributed or parallel fashion across remote devices from anywhere in the network using Appium Test Distribution. Same framework is officially used by Appium members for Beta testing of Appium.

    USP of ATD over other Market Solutions:

    • Device Cloud:
      • Setup Devices anywhere within a network, ATD executes remotely without Grid
      • Never worry about device location in network.
    • Plug and Play:
      • Connect your android/iOS devices or Emulators/Simulators and just execute tests.
    • Multiple TestRunner:
      • TestNG and Cucumber
    • Parallel Test Execution:
      • Runs across all connected iOS, Android real devices and Simulators/Emulators
    • Test Coverage:
      • Parallel(Run entire suite across all devices, which gives device coverage)
      • Distribute(Run tests across devices to get faster feedback).
    • Device Management:
      • Manage devices remotely using Device Manager.
    • Reporting:
      • Covers detailed crashes logs from Android and iOS.
      • Appium Servers logs
      • Screenshots on Failures and On Demand Video logs
      • Reporting Trends for multiple builds
    • Manual Access to Remote Devices - OpenSTF support

    Who loves/uses ATD?

    ThoughtWorks, CeX, Jio, TravelStart, M800, Reward Gateway and lot more.

  • Liked Diego Molina
    keyboard_arrow_down

    Diego Molina - The Holy Trinity of UI Testing

    Diego Molina
    Diego Molina
    Sr. Software Engineer
    Sauce Labs
    schedule 1 year ago
    Sold Out!
    45 Mins
    Talk
    Intermediate

    Sometimes it is hard to know what to test in a web application, and the first step before testing is defining what we want to test. This may sound trivial, but in reality this is often not done properly. We tend to oversee the obvious and we test without knowing what we want to accomplish.

    What do we want to achieve? Validate user behaviour? Check if the page design is responsive on different devices? Or maybe to know that our web application looks like we expect.

    When we know the purpose of our test, we can start planning, coding, executing and improving our tests. But most importantly, we will know what approach we can use to develop the test.

    Functional, layout and visual testing are the three pillars of the UI testing trinity. We can use these approaches to develop focused tests, tests that are asserting a specific aspect of our web application.

    But how can we identify what approach to use? When should we combine them? There is an information overflow that presents a huge variety of tools that can help us to test through any of these approaches. Sadly, this large amount of information is making us focus more on the tools instead of focusing on the testing strategy.

    The intention of this talk is to break in pieces the process of identifying how to develop a focused test, and more importantly, to understand when it makes sense to combine functional testing with layout or visual testing, and what to consider before using layout or visual testing.

    The talk will then go deeper through scenarios and code examples that show how to create layout and visual tests. It will also discuss scenarios where a functional test is not enough, or where a visual test is better than a layout test. This talk’s main goal is to offer a different perspective when testing a web application through the UI testing trinity.

    If you are interested in how to integrate layout or visual testing to your current workflow, you should attend this talk!

    Note: Thanks to the feedback I got after presenting this topic at SauceCon 2018, I have been able to make nice improvements to the content that will be helpful for the attendants.

  • Liked Anton Angelov
    keyboard_arrow_down

    Anton Angelov - Infinite Improbability Testing- Execute All Tests in Parallel

    Anton Angelov
    Anton Angelov
    CTO
    Automate The Planet
    schedule 1 year ago
    Sold Out!
    45 Mins
    Talk
    Intermediate

    100000 tests executed under half an hour - sounds like a myth? Well, we made it, and I'm going to tell you a story how we got there. Through surveys, we discovered that many companies desire to utilize the benefits from parallel tests execution to optimize their software development process. However, they struggle with the process. Lack of available tooling, documentation, tests data arrangement/deletion, handling E2E tests specifics like browsers, emulators, etc. We were one of this companies. Because of that, we created an open-source tool for the job. Throughout the presentation, you will find statistics where, depending on the type of the tests, the tests execution can speed up from 4- 40 times which makes the run of the 100000 tests possible for 27 minutes.

    It will be shown how to utilize the tool, its various features and where/when it is appropriate to use it. Also, you will find example solutions to most of the common challenges in executing tests in parallel. We believe that in the near future the parallel tests execution will be a necessity, much like unit tests or continuous integration now. This will be one of the pillars for the companies to improve their competitiveness and effectiveness.

  • Liked Gil Tayar
    keyboard_arrow_down

    Gil Tayar - Not Only Cars: “AI, Please Test My App”

    Gil Tayar
    Gil Tayar
    Sr. Architect
    Applitools
    schedule 1 year ago
    Sold Out!
    45 Mins
    Talk
    Beginner

    Autonomous cars were a Scifi dream not 10 years ago. A computer driving a car? No way. But it did happen, and is happening. And if scientists do it for a complicated task such as driving, can they do it for automated regression testing? In this talk we explore what is being done in the field today, but also speculate about the future: we introduce the 6 levels of autonomous testing (that correspond to the 5 levels of autonomous driving), and try and figure out what kind of help current AI techniques can bring to automated testing.

  • Liked Marcus Merrell
    keyboard_arrow_down

    Marcus Merrell / Diego Molina / ManojKumar - Selenium Grid

    Marcus Merrell
    Marcus Merrell
    Engineering Manager, CRM
    RetailMeNot, inc
    Diego Molina
    Diego Molina
    Sr. Software Engineer
    Sauce Labs
    ManojKumar
    ManojKumar
    Sr. Technical Consultant
    Applitools
    schedule 1 year ago
    Sold Out!
    480 Mins
    Workshop
    Advanced

    Selenium Grid can be a bit daunting to get up and running. Starting it is quite easy, but using it effectively can require pulling in third-party tools. In this workshop we’ll cover how to run your grid effectively, using best practices culled from several large grid installations.

  • Liked Rohit Singhal
    keyboard_arrow_down

    Rohit Singhal / Lavanya Mohan - Insights for building it the right way!

    45 Mins
    Demonstration
    Intermediate

    Many good product and project teams try to understand the “whys” when they’re asked to build a new feature. But, how do we know whether our reasons are actually good enough?

    Are we tracking customer behaviour and feedback to get more insights into building the “right product”?

    Do we have analytics? Are we monitoring issues/crashes and user suggestions? Are we automating these processes?

    In this talk, we will share how we did our analysis in order to get better insights for building the right product and adding more value to our customers. We will share our experience, challenges, etc. We will also talk about a small utility (Sentiment Analyser) we developed which helps us to generate meaningful reports from user's feedback on daily basis.

    We will also cover how we’ve automated analytics and understanding the sentiments of our customers.

    There will be a demo for Analytics Automation and Sentiment Analyser.

  • Liked NaliniKanth M
    keyboard_arrow_down

    NaliniKanth M / Srinivasan Sekar - New hope in Selenium Docker

    45 Mins
    Demonstration
    Advanced

    Idea behind this talk is to describe how to create a short lived containers for each test and scale to large Selenium Cluster using Selenoid. What is standard Selenium architecture and why it is not suitable for big clusters, Also states issues in maintaining a large Docker Selenium Grid / Selenium Clusters. In this session we will also be talking about the challenges we faced in using official selenium docker images and how we scaled up regression execution time from 3:3 (3 hours to 3 mins). Followed by a demo of how Selenoid server solves the problem with docker. How it works, how to use inside big Selenium cluster, where else it could be used.

  • Liked Syam Sasi
    keyboard_arrow_down

    Syam Sasi / Jerry Zhao - How to build a device lab in your office in 48 hours!

    45 Mins
    Talk
    Intermediate

    Continuous testing is an integral part of continuous delivery pipeline. When it comes to mobile application, the testing become increasingly complex.

    As part of our internal quarter hackathon at Carousell, we developed an automation testing framework and device lab in 48 hours which has both parallel and distributed mode of running.

    We will share about how you can set up a similar device lab in your organization and the best practices to be followed.

  • Haritha Hari
    Haritha Hari
    Sr. Quality Analyst
    Thoughtworks
    schedule 1 year ago
    Sold Out!
    45 Mins
    Demonstration
    Intermediate

    Docker can be used to containerize Selenium tests and can be made to run against applications in another container. These tests can be further run on Selenium grid without the need of physical machines or VMs using Docker Selenium. Multiple and different versions of browsers, headless mode etc can be run inside containers and can be used to run tests in parallel. All these can be achieved with minimal changes to the existing Selenium tests.

  • Liked Shivaling Sannalli
    keyboard_arrow_down

    Shivaling Sannalli - Unify service and UI layer Automation - BDD way

    90 Mins
    Workshop
    Intermediate

    Software delivery is switching towards business driven development. This needs capturing requirements as presented by clients and translating these requirements into development tasks and tests.

    Clients want visibility on the quality of the requirements that are captured. Quality in the delivery of the project measured using the test pyramid — heavy unit tests, more integration and service layer tests, and fewer UI tests. Test pyramid is the ideal quality structure for Agile projects.

    In this presentation/session we will focus on how we can combine both service layer tests and UI layer tests in a BDD(Behavior Driven Development) way of Automation. That will bring test coverage visibility to business. Clients themselves can run this suite without having to understand technicalities of the implementation. Test scenarios will exactly be the requirements captured by business as behaviors.

    To accomplish BDD way of automation for both service layer automation and UI layer we will use following tools/libraries:

    BDD Tool: Gauge or Cucumber (both are open source)

    Service layer Automation : Unirest for JAVA

    UI layer Automation : Selenium WebDriver for JAVA

  • Liked Siddharth Kulkarni
    keyboard_arrow_down

    Siddharth Kulkarni - Dr Culture Shock - Or How I stopped worrying and embraced Org Culture

    45 Mins
    Talk
    Intermediate

    The org culture mantra is usually considered a silicon valley mumbo jumbo. Although many companies and teams rant about culture, very few in my opinion take it seriously. In this talk I would like to discuss the importance of Org culture and how it makes or breaks businesses and teams. I will lay out some key pointers that will help the influencers in the audience make decisions about their org or team culture. The talk will be in the context of culture in tech companies.

  • Liked Ruchika Rawat
    keyboard_arrow_down

    Ruchika Rawat - Lean Test Approach - in Agile

    Ruchika Rawat
    Ruchika Rawat
    Quality Analyst
    Thoughtworks
    schedule 1 year ago
    Sold Out!
    20 Mins
    Case Study
    Beginner

    Talk Description Automation provides an immense amount of value in preventing regressions and helping to deliver quality software. As an organization’s automation grows and grows, it requires continuous maintenance so that tests remain fast, reliable, and valuable. If not scaled efficiently, an organization’s automation suite will turn into a messy, uncontrollable beast. Having a lean test suite will help to combat this. In this session will present methods to keep automated test suites lean and mean, so they always provide quick and accurate feedback to the software delivery team. Using a few examples, she will discuss a wide range of ideas including evaluating a test's value, parallelizing tests, and producing consistent results. Session attendees will walk away with strategies and practices to scale their test automation over time in a highly efficient and maintainable way.

  • Liked NaliniKanth M
    keyboard_arrow_down

    NaliniKanth M / Prasad Mudedla - Continuous Security with Selenium tests

    45 Mins
    Demonstration
    Intermediate

    We have come to a place where we run our selenium tests on pipelines every day.
    Now are these tests confined to test only the functionality of the application?
    No, we can use this tests to do much more. Let's test security with those same tests.

    Turn your selenium tests in to Security tests, get security testing in to your CI pipelines just by tweaking a bit of the selenium integration suite. Find and report security issues that exists which can be caught way before paying off for it.
    In this Demo we will introduce a framework that will help your selenium tests turn into security tests and run on pipelines.
    With ZAP API + selenium and CI pipelines, find security issues on the application see a red or green security pipeline. Not just that fetch the reports and take necessary actions on every build.
    The talk covers different ways that ZAP tests the web application for security(automated with selenium tests). We will see what all of them can be integrated with selenium and can make most out the suite.
    As an add we will see how your API can be tested for security using ZAP API :)

    Tools used:
    1. Selenium Web driver framework.
    2. ZAP framework integrated with selenium framework.
    3. GO (for CI/CD)
    4. Maven for building and fetching reports.

  • Liked Smriti Tuteja
    keyboard_arrow_down

    Smriti Tuteja - Migrate to Headless Chrome with Protractor

    Smriti Tuteja
    Smriti Tuteja
    Sr. Consultant
    Thoughtworks
    schedule 1 year ago
    Sold Out!
    20 Mins
    Experience Report
    Intermediate

    In this era of automation where everyone is focused on Agile and DevOps, learn how you can migrate from xvfb (X virtual framebuffer which enabled you to run browser tests without a display on a CI server) to Headless Chrome while you use Protractor.
    Attend this talk to understand how I migrated to headless chrome and the pain points. The discussion will include:

    • things you can take care of when migrating
    • checking versions compatibility for migration
    • things you will need to fix
  • Liked Michael Palotas
    keyboard_arrow_down

    Michael Palotas - Enterprise Automation with Selenium - and how it (mostly) has little to do with Selenium itself

    45 Mins
    Talk
    Intermediate

    An increasing number of enterprises are moving to Selenium for their GUI automation. The focus for most teams is the creation and authoring of automated tests. When automation projects become difficult to maintain or fail all together, people often point the finger to “Selenium”. From experience, Selenium is usually not the problem in getting an enterprise grade test automation solution off the ground.

    When looking deeper, the absence of basic software development approaches / best practices and the lack of a solid approach to building / buying and managing the cross browser test execution infrastructure are the main reasons for failure.

    This talk showcases:

    • Practical examples of how test automation with Selenium is a software development and infrastructure project, which needs to be treated and staffed as such.
    • The major pitfalls, which can prevent teams from building a scalable and reliable automation solution with the Selenium tool family.
    • How to apply patterns and approaches in making test automation with Selenium a full success.
  • Liked Dharmender Kumar
    keyboard_arrow_down

    Dharmender Kumar - Develop Securely with Zaplenium

    Dharmender Kumar
    Dharmender Kumar
    Architect
    JDA
    schedule 1 year ago
    Sold Out!
    45 Mins
    Talk
    Intermediate

    Zaplenium simply means ZAP + Selenium and named after the integration of both to ensure application security while it's being developed. ZAP provide client API's that help to capture URL's by spidering and scanning over the pages those are interacted in user flows. With ZAPlenium the tests can be targeted to certain areas of application where selenium helps in navigating to those areas and target ZAP to spider over those and scan them. Also, Zaplenium will help defining the assertions those can come handy while we integrate this in CI/CD pipelines.

    Participants will be able to define security sanity suite to their build pipelines. With code change the security can be tapped for any High, Medium and Low risks. Session will make use of open source technologies i.e. OWASP ZAP and Selenium to define tests with assertion.

    Security Tool: OWASP ZAP

    Functional Tool: Selenium Web driver

  • Liked Martin Schneider
    keyboard_arrow_down

    Martin Schneider / Syam Sasi - One framework to rule them all - a holistic approach to Web and Mobile testing

    45 Mins
    Demonstration
    Intermediate

    Targeting both mobile devices and desktop browsers has become a necessity for successful tech applications. Whether an existing web application triggers the development of native apps or a desktop version is introduced to supplement the smartphone experience, supporting both worlds is a reality for a majority of businesses.
    To maximise user experience, an application should behave as identical as possible across all platforms. However, more often than not versions for different platforms are built by different teams with different designers, possibly across multiple sites (even countries, continents, timezones) each with their own tech-stack and development process. In such a set-up, using different tools for automated testing could come naturally and add to the challenges of building a single product.
    We argue that a common approach to test automation is critical. Not only will it save time and development costs, it can also increase communication and improve collaboration between teams and be a great facilitator for setting the focus on the product as a whole rather than separate deliverables for each platform. In this sense, it can serve as an umbrella across all involved teams.
    We will demonstrate a simple JAVA-based solution using Selenium, Appium and Cucumber to combine testing for different platforms (namely Android, iOS and Web) within the same framework. We will talk about best practices in designing an extendable and easy-to-use test framework and how we can facilitate cloud-based services to integrate our tests into a CI pipeline.